DDoS & Application Attack Hub

Combating the growing frequency and complexity of DDoS- and application-level cyberattacks requires visibility, analysis and continuous threat intelligence to stay atop current threats and ahead of emerging ones.

Via correlation and validation of real world attack data from different sources, Radware’s DDoS & Application Attack Hub provides a comprehensive, in-depth analysis of network and application attack activity, quarter over quarter, threat by threat. It analyzes network and application attack activity by industry, attack vectors, on-premise vs. cloud, and much more.

Data for the DDoS & Application Attack Hub is sourced from Radware’s worldwide network of cloud and managed services and Radware’s Global Deception Network.

Continue reading


DDoS Attack Activity

Distributed denial-of-service attacks seek to impact the availability of key business services and/or infrastructure. Understand which regions and industries experience the highest volumes of DDoS attacks and learn about trends in DDoS attack sizes and volumes

DDoS Events and Volume

Blocked malicious events, normalized per customer

Blocked malicious events

Blocked malicious events, normalized per customer

Quarterly average and maximum attack sizes

Large attacks with traffic rates above 10Gbps

The number of large attacks shrunk decreased by 5% year over year

Mid-sized attacks with traffic rates between 1Gbps and 10Gbps

The number of mid-sized attacks grew 39% year over year

Micro floods with traffic rates below 1Gbps

The number of micro floods grew 79% year over year.

DDoS Attacks by Region and Industry

Top attacked industries, normalized per customer

Blocked malicious events

Blocked volume per region, normalized per customer

Attack vectors

Application Attack Activity

Understand the rate, types of attacks, application vulnerabilities and sources of application attacks globally.

Quarterly blocked application security events

Blocked malicious events

Top offending countries, application attacks

Attacks per industry, normalized per customer

Top security violation types, normalized per customer

Blocked security violations by OWASP 2017 application security risks

Unsolicited Network Activity

Powered by the globally distributed sensors that comprise Radware’s Global Deception Network (GDN), unsolicited events include DDoS backscatters, spoofed and nonspoofed scans, and spoofed and nonspoofed attacks. This data differs from DDoS and web application events due to the unsolicited nature of the event. Unsolicited events are random scans or attacks not targeting known services or a particular organization.

Number of events per month, recorded by Radware’s GDN

Blocked malicious events

Number of unique IPs per month, registered by Radware’s GDN

Top scanned and attacked TCP ports

Top scanned and attacked UDP ports

Top attacking countries

Threat Map

For near real-time analysis of additional unsolicited DDoS and application events, view Radware’s Live Threat Map


Next Steps

For additional, detailed analysis of new threats, vulnerabilities and attack vectors as they emerge, view our Threat Intelligence Alerts, or subscribe to our email list to automatically receive these alerts as they’re released.

Threat intelligence and analysis is only the beginning. Learn more about how Radware’s cybersecurity solutions provide state-of-the-art, frictionless security solutions that empower innovation and agility while safeguarding your organization.